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A MONOLITHIC SEMICONDUCTOR DEVICE FOR PREVENTING EXTERNAL 

ACCESS TO AN ENCRYPTION KEY 

FIELD OF THE DISCLOSURE 

The present disclosure relates generally to encryption of data and more particularly to 
5 preventing access to an encryption key used to encrypt and/or decrypt data. 

BACKGROUND 

Encryption and/or scrambling methods are commonly implemented in devices and 
systems to protect data from illicit access and/or tampering. For example, many providers of 
motion pictures experts group (MPEG) encoded multimedia content use encryption to prevent 
fb unauthorized copying of the MPEG content before it is decoded. However, to keep the 
% 5 encrypted data secure, the means of encryption and/or decryption also must be secure. One 
In method used to ensure the "strength" of the encryption method is to use a proprietary 
encryption/decryption algorithm. However, the strength of this type of encryption depends on 
Ki the secrecy of the proprietary encryption/decryption algorithm, which can rarely be assured. 
'M Other encryption methods utilize well-known encryption/decryption algorithms, but rely on the 
JH secrecy of a specific encryption key to ensure the "strength" of the encryption. 

;T While ensuring the secrecy of a specific encryption key is generally much less difficult 

than ensuring the secrecy of a proprietary encryption/decryption algorithm, the private 
encryption keys used by conventional encryption systems are still relatively accessible by an 

20 unauthorized entity. In software encryption implementations, the private encryption key can 
often be obtained by accessing a location of the system memory of the system executing the 
encryption software. Alternatively, the traces or wires that connect different circuit elements of a 
system or device can be probed by a logic analyzer or other device to observe the encryption key 
and/or the decrypted data as it is transmitted from one circuit component to another. These 

25 methods of illicitly accessing the private key generally require minimal effort, thereby often 
defeating only casual attempts at accessing the private key. 
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Given these limitations, as discussed, it is apparent that a device to improve the security 
of encryption keys would be advantageous. 

BRIEF DESCRIPTION OF THE DRAWINGS 

Various advantages, features and characteristics of the present disclosure, as well as 
5 methods, operation and functions of related elements of structure, and the combination of parts 
and economies of manufacture, will become apparent upon consideration of the following 
description and claims with reference to the accompanying drawings, all of which form a part of 
this specification. 

FIG. 1 is a block diagram illustrating a monolithic semiconductor device in accordance 
\k with at least one embodiment of the present disclosure; 

jfi FIG. 2 is a block diagram illustrating a method of providing access to a key register of a 

M monolithic semiconductor device during a manufacturing process in accordance with at least one 
'1% embodiment of the present disclosure; 

H FIG. 3 is a block diagram illustrating a method for providing temporary access to a key 

ftl register of a monolithic semiconductor device in accordance with at least one embodiment of the 
o present disclosure; 

FIGS. 4-5 are block diagrams illustrating the use of an isolation portion to control the 
external accessibility of a key register in accordance with at least one embodiment of the present 
disclosure; 

20 FIG. 6 is a block diagram illustrating the generation and storage of a private encryption 

key and a corresponding public encryption key in accordance with at least one embodiment of 
the present disclosure; and 
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FIG. 7 is a block diagram illustrating an exemplary implementation of a monolithic 
semiconductor device used to decrypt encrypted MPEG content in accordance with at least one 
embodiment of the present disclosure. 

DETAILED DESCRIPTION OF THE FIGURES 

5 In accordance with the present disclosure, a monolithic semiconductor device, such as an 

integrated circuit, is disclosed. The monolithic semiconductor device includes an encryption 
engine having an input port and a memory location having an output port connected to the input 
port, wherein a data value to be stored in the memory location is observable only by the 
encryption engine. One advantage in accordance with a specific embodiment of the present 
10 disclosure is that encryption keys stored in the memory location are more secure from illicit 
''.J external access. 

" = FIGS. 1-7 illustrate a monolithic semiconductor device having an encryption engine and 

W encryption key register to store one or more encryption keys, where the contents of the 
m encryption key register are observable, or can be made observable, only to internal components 
: 15 of the monolithic semiconductor device. The encryption key register can be implemented as an 
H integrated or non-integrated non-volatile or volatile memory location. In at least one 
Vj embodiment, the monolithic semiconductor device includes one or more means for externally 
O accessing and/or defining the contents of the key register during the manufacturing process 
and/or for a limited number of times after the manufacture of the monolithic semiconductor 
20 device is completed. 

Referring now to FIG. 1, monolithic semiconductor device 100 is illustrated according to 
at least one embodiment of the present disclosure. Monolithic semiconductor device 100 
includes external port 110, encryption engine 120, and key register 130. Monolithic 
semiconductor device 100 can also include memory 140, which can include key register 130, 
25 and/or additional component 150. Monolithic semiconductor device 100 can include any one of 
a variety of monolithic semiconductor chips or circuits, such as an integrated circuit (IC), an 
application specific integrated circuit (ASIC), a dual-inline package (DIP), a microprocessor, and 



3 



VIXS.0100300 



the like. For example, in at least one embodiment, monolithic semiconductor device 100 can be 
implemented as an ASIC used to decrypt encrypted multimedia content for a motion pictures 
experts group (MPEG) decoder. Monolithic semiconductor device 100 can be formed on a 
silicon substrate, a gallium arsenide substrate, or using any other semiconductor fabrication 
5 technology. 

In the following discussion, the terms "encryption" and "scrambling", and their 
counterparts "decryption" and "descrambling", are used to describe operations to render data 
unintelligible to an unauthorized entity. The term "scrambling" generally refers to using 
relatively efficient algorithms that use shift and/or XOR operations on large amounts of data. 
10 For example, data encryption standard (DBS) scrambling is often used on video data. On the 
other hand, the term "encryption" generally refers to using relatively computationally intensive 
l algorithms that use keys to render relatively small amounts of data unintelligible. One example 
jf of an encryption algorithm is the Rivest-Shamir-Adleman (RSA) algorithm. In at least one 
3 embodiment, monolithic semiconductor device 100 uses both encryption and scrambling. For 
15 example, monolithic semiconductor device 100 could receive a large amount of video data 
jf scrambled using the DES algorithm and a control word encrypted using the RSA algorithm. 
Monolithic semiconductor device 100 could then decrypt the control word, and then use the 
decrypted control word to descramble the scrambled video data. Although the means differ, 
U encryption and scrambling are both used to the same end, i.e. rendering data unintelligible to 
20 unauthorized entities. Accordingly, the term "encryption", as used herein, refers to either 
"encryption" and "scrambling", or both, unless otherwise noted. As a guideline, however, 
scrambling/descrambling is typically used on relatively large amounts of data, such as video 
data, and encryption/decryption is used on relatively smaller amounts of data, such as a control 
word used to scramble/descramble video data. 

25 In at least one embodiment, an encryption key stored in key register 130 is provided to 

encryption engine 120. Encryption engine 120 can then use part or all of the encryption key to 
perform an encryption/decryption function on data. For example, encryption engine 120 can be 
used to decrypt incoming data from external port 110 and provide the decrypted data to 
additional component 150, or encryption engine 120 can encrypt data provided by additional 
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component 150 and provide the encrypted data to external port 110 for output to an external 
device or circuit. External port 1 10 can include an input port, an output port, or an input/output 
(I/O) port utilized as an interface with an external device or circuit. Additional component 150 
can include any variety of internal logic and/or circuitry to perform one or more functions of 
5 monolithic semiconductor device 1 00. For example, additional circuitry can include a hardwired 
implementation of an symmetrical encryption method, such as the data encryption standard 
(DES), an implementation of a motion pictures experts group (MPEG) decoder, and the like. 

The encryption key stored in key register 130 can include a symmetrical key or control 
word used by symmetrical encryption methods such as Data Encryption Standard (DES), where 
10 the same symmetrical key is used to encrypt and decrypt data. Alternatively, in at least one 
embodiment, the encryption key stored in key register 130 includes an asymmetrical key used by 
O asymmetrical encryption methods such as the RSA. In asymmetrical encryption methods, one 
key is used to encrypt data (the public key of the recipient of the encrypted data) and one key is 
used to decrypt encrypted data (the private key of the recipient). For example, as discussed in 
lis greater detail with reference to FIG. 7, encryption engine 120 can include an asymmetrical 
E : encryption engine and additional component 150 can include a symmetrical encryption engine. 

In this case, encryption engine 120 be used to decrypt an encrypted control word, and the control 
[I word can then be provided to the symmetrical encryption engine (additional component 1 50) to 
\}{ decrypt data encrypted by another device or system using the control word. 

H 20 In at least one embodiment, encryption engine 120 is capable of using a portion of the 

encryption key stored in key register 130 based on the level of security desired. For example, 
key register 130 could include a 128-bit private encryption key. In this case, encryption engine 
120 could have access to a plurality of public keys corresponding to different sized portions of 
the 128-bit private encryption key. For example, the first forty bits of the private key in key 
25 register 130 can be used in conjunction with a corresponding public key to provide minimum 
security, the first 64 bits of the private key can be used in conjunction with a corresponding 
public key to provide moderate security, and the full 128 bits can be used in conjunction with a 
different corresponding public key to provide a high level of security. Alternatively, key register 
130 can include a plurality of encryption keys with the same or different bit lengths. For 
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example, key register 130 can include a 512-bit ROM having a 256-bit encryption key, a 128-bit 
encryption key, and two 64-bit encryption keys. In this case, encryption engine 120 can obtain 
one key of the plurality of encryption keys based on a variety of factors. For example, each one 
of the encryption keys could be associated with each of a plurality of external device types that 
5 can interface with monolithic semiconductor device 100. 

It will be appreciated that access by third parties to the key used to encrypt and decrypt 
data is prevented to maintain the integrity of the encrypted data. For example, if an unauthorized 
entity were to obtain the symmetric key from key register 130, the unauthorized entity could 
easily decrypt encrypted data transmitted for reception by monolithic semiconductor device 100. 
10 Accordingly, the contents (i.e. the encryption key) of key register 130 of monolithic 
semiconductor device 100, in at least one embodiment, are inaccessible, i.e. unobservable, to any 
(i device external to monolithic semiconductor device 100. Similarly, in one embodiment, the 
% contents of key register 130 are observable only by encryption engine 120. 

Key register 130 can be implemented in a variety of ways. In at least one embodiment, 
45 key register 130, as well as its contents, are implemented as non- volatile memory in an internally 
accessible location. For example, monolithic semiconductor device 100 can include memory 
140, where memory 140 can include read only memory (ROM), programmable ROM (PROM), 
i and the like. In this case, key register 130 could be represented by a memory location of 
memory 140 that can only be accessed by one or more internal components of monolithic 
20 semiconductor device 100. For example, the address of memory 140 representing key register 
130 could be accessed only by asserting an enable pin of memory 140 that is only connected to 
encryption engine 120, therefore accessible only by encryption engine 120. 

Alternatively, key register 130 can be implemented as a separate read-only memory 
(ROM) module in a specific location of the silicon die of monolithic semiconductor device 100 
25 during the fabrication of the silicon die. For example, if the silicon die of monolithic device 100 
is etched using a lithography method, such as deep ultraviolet lithography (DUVL) or extreme 
ultraviolet lithography (EUVL), the specified portion of the lithographic mask representing key 
register 130 as ROM can be modified to etch a specific bit sequence (i.e. the encryption key) in 
the specified portion of the silicon die. For the manufacture of subsequent monolithic 
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semiconductor devices 100, the lithographic mask can be modified for each silicon die to 
generate a different bit sequence for the ROM portion. Similarly, a first lithographic mask can 
be applied to the silicon die of monolithic semiconductor device 100 to etch the portions of the 
silicon die not represented by key register 130. A second lithographic mask can then be applied 
5 to the unetched portion of the silicon die to generate a ROM region representing key register 130 
and its encryption key content. Alternatively, a laser etching process can be used to define the 
portion of the silicon die representing key register 130 to have the desired encryption key value. 

In another embodiment, key register 130 is implemented as volatile memory, such as a 
register, cache, random access memory (RAM), and the like. In this case, an encryption key can 
10 be generated by encryption engine 120 and stored in key register 130. For example, key register 
„, 130 can be implemented as random access memory (RAM) and the data value stored in the RAM 
\Q is defined by encryption engine 120 each time monolithic semiconductor device 100 is "powered 
,S up" or a new encryption session is initiated. Alternatively, an external device or circuit can 
H | generate an encryption key and provide the encryption key to key register 130 via external port 
f i5 110. As discussed in greater detail subsequently, this access to key register 130 can be limited to 
a one-time access by using a fuse or other device to prevent subsequent external access. 

r, s As discussed previously, in at least one embodiment, devices and/or circuits external to a 

"jf monolithic semiconductor device 100 are prevented from observing the contents of an internal 
M key register 130 used to store an encryption key. One method used to prevent external access to 
20 key register 130 is to place key register 130 in a location on the silicon die of monolithic 
semiconductor device 100 physically and logically accessible only by one or more of the internal 
components. For example, the output port of key register 130 can be physically connected only 
to an input port of encryption engine 120. In addition, the components of monolithic 
semiconductor device 100 can be designed so that disclosure of the contents of key register 130 
25 cannot be output via external port 110. For example, the logic structure of encryption engine 120 
can be designed so that no command or sequence of commands directed to encryption engine 
120 will cause the disclosure of the contents of key register 130 to the external entity. 



In conventional systems utilizing encryption methods, traces or connections between 
components of the system can be probed to gain access to encryption keys and/or encrypted data, 
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thereby defeating the protection afforded by encrypting data. However, according to at least one 
implementation of present disclosure, access to the encryption key can be prevented to all but the 
most determined. It will be appreciated that by isolating key register 130, unauthorized entities 
will have considerable difficulty accessing contents of key register 130. Since key register 130 is 
5 part of a monolithic semiconductor device and the contents of key register 130 are observable by 
only one or more internal components of the monolithic semiconductor device, the contents of 
key register 130 cannot be observed outside of the monolithic semiconductor device. In order to 
access key register 130, an unauthorized entity generally would need to disassemble the 
monolithic semiconductor device, oftentimes destroying the monolithic semiconductor device in 
10 the process and therefore rendering useless the ill-gotten contents of key register 130. Likewise, 
if the unauthorized entity did gain access to one key register 130 of a monolithic semiconductor 
device, only the encryption key associated with that single monolithic semiconductor device 
would be compromised because the other monolithic semiconductor devices can have different 
i- 2 an unique encryption keys stored in their key registers 130. 

f t 5 It will be appreciated that temporary external access to the key register of a monolithic 

semiconductor device may be appropriate. For example, during testing of the monolithic 

N semiconductor device after manufacture, it may be desirable to verify the value of the encryption 
key stored in the key register by making the contents of the key register one-time accessible to 
4 external circuits or devices. Likewise, in one embodiment, the contents of the key register can 

HO be defined during the manufacturing process or by a third-party. For example, the key register 
could include a programmable read only memory (PROM), such as EEPROM or one-time 
programmable ROM (OTPROM) programmed at the end of the manufacturing process to store a 
specified encryption key. 

Accordingly, in at least one embodiment, the monolithic semiconductor device is 
25 modified to prevent subsequent access to the contents of the key register by an external entity 
after an initial access for testing, verification, or manufacturing purposes. For example, a test 
program may need access to key register 130 to verify that key register 130 holds the proper 
encryption value. In this case, the test program could either access key register 130 directly to 
obtain the value of the encryption key or the test program could provide encryption engine 120 
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with encrypted data that can only be decrypted using the correct key that is to be stored in key 
register 130. If encryption engine 120 is able to decrypt the data using the value stored in key 
register 130, then the contents of key register 130 can be considered correct. If encryption 
engine 120 is unable to encrypt the data, then the value is likely corrupt. It will be appreciated 
5 that since the value (the encryption key) is different for each monolithic semiconductor device, 
the test program needs to be dynamic so that the different value for each monolithic 
semiconductor device can be tested. It will be appreciated that while initial external access for 
testing purposes may be desired, subsequent external access after the testing is complete is to be 
prevented. FIGS. 2-5 illustrate various methods for preventing subsequent access. 

10 FIG. 2 illustrates a variation of the monolithic semiconductor device discussed with 

reference to FIG. 1. Monolithic semiconductor device 200 includes external port 110, graphics 
£ 3 engine 120, key register 130 and additional component 150, as discussed with reference to 
monolithic semiconductor device 100 of FIG. 1. Monolithic semiconductor device 200 
additionally includes silicon die 205, package substrate 210, input/output (I/O) die pads 231-237, 
15 and external I/O pins 241-244. As illustrated, the components of monolithic semiconductor 
£r ; device 200 are implemented on silicon die 205 and contained in package substrate 210. Package 
f substrate 210 can include a plastic casing, a heat sink, various pins used to interface with and 
M provide power to silicon die 205, and the like. Package substrate 210, among other things, is 
H used to prevent access to traces connecting portions of monolithic semiconductor device 200. 

= 20 it will be appreciated that integrated circuits and other monolithic semiconductor devices 

often include a silicon die bonded to package substrate pins via die pads. For example, external 
port 110 is connected to external I/O pins 241-244 via I/O die pads 231-234, thereby allowing 
external entities to interface with monolithic semiconductor device 200 via external I/O pins 
241-244. Similarly, I/O die pads 235-237 connected to key register 130 can be used to interface 
25 with key register 130 during the manufacturing and/or die testing processes. However, in at least 
one embodiment, no connection exists between I/O die pads 235-237 and any external pins of 
package substrate 210, thereby preventing external access to key register 130 once packaging is 
complete. Accordingly, the manufacture of monolithic semiconductor device 200 can define the 
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contents of key register 130 and/or verify the contents during the manufacturing phase while 
preventing access in the finished product. 

FIGS. 3-5 illustrate another variation of the monolithic semiconductor device discussed 
with reference to FIG. 1 . In addition to the components of monolithic semiconductor device 100 
5 (FIG. 1), monolithic semiconductor device 300 also includes isolation portion 310 used to 
connect key register 130 to external port 110. Isolation portion 310, in one embodiment, 
includes a fuse that can be blown using external or internal input. For example, as illustrated in 
FIG. 4, while fuse 41 1 is intact, encryption key 401 stored in key register 130 is observable to a 
circuit or device external to monolithic semiconductor device 300. Likewise, if key register 130 
10 is programmable, then an external entity can program a desired encryption key 401 into key 
register 1 30. For example, a software application can periodically generate a new encryption key 
U value to replace the previous stored encryption key in key register 130 as a countermeasure to 
S any potential unauthorized attempts at access to the contents of key register 1 30. By periodically 
changing the encryption key value, if an unauthorized entity were to gain access to the 
U5 encryption key via key register 130, the accessed value would only be useful until a new 
p, encryption key is generated. 

i A However, after any necessary access to key register 130 by an external entity is 

1 11 performed, fuse 411 can be blown to prevent subsequent access, as illustrated in FIG. 5. Because 
□ no valid physical connection exists between key register 130 and external port 1 10, an external 
' 20 device is unable to directly access the contents of key register 130. In one embodiment, fuse 411 
is blown using an externally generated current. For example, after a manufacturer has verified 
the correct value stored in key register 130 using a testing process or program, the manufacturer 
could provide a current to fuse 41 1 via external port 110 that exceeds the capacity of fuse 411, 
thereby causing the metal of fuse 411 to melt. In another embodiment, isolation portion 310 
25 includes logic that determines when fuse 411 is to be blown and then blows the fuse at the 
appropriate time. For example, the logic could be programmed to blow the fuse after a certain 
number of accesses of the contents of key register 130. Other implementations of isolation 
portion 310 to prevent subsequent external access to key register 130 may be used without 
departing from the spirit or the scope of the present disclosure. 
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As discussed previously, in at least one embodiment, the key register of the monolithic 
semiconductor device includes volatile memory, such as RAM, registers, or cache. In this case, 
the contents of the key register can be reprogrammed with a new data value each time the 
monolithic semiconductor device is "powered up" and/or reprogrammed between sessions with a 
5 second device. FIG. 6 illustrates one method of reprogramming the contents of the key register. 
In at least one embodiment, the monolithic semiconductor device disclosed herein is used as part 
of an asymmetric encryption device and/or system. Accordingly, where key register 130 
includes volatile memory and is to be reprogrammed between sessions or during power ups, 
encryption engine 120 can be used to generate a private key and a public key for its use. For 
10 example, encryption engine 120 can use the RSA algorithm to randomly generate private key 
601 and public key 602. Private key 601 can be stored in the memory location or register 
represented by key register 130 for subsequent use by encryption engine 120 to decrypt data 
\; H encrypted using public key 602. Public key 602 can be stored locally, such as in memory or a 
register internal to encryption engine 120 or in memory used by one or more elements of the 
',15 monolithic semiconductor device, such as memory 140 (FIG. 1). In addition to, or instead of, 
= storing public key 602 locally, public key 602 can be provided to an external entity via external 
to port 1 1 0 for use in encrypting data intended for a device or system implementing the monolithic 
I , semiconductor device disclosed herein. 

J/1 Whether generated and permanently programmed during manufacture, or programmed by 

Clo software at a later date, in at least one embodiment, public key 602 is recorded for access in a 
non-secure manner. For example, public key 602 can be recorded in a public, or semi-public, 
database. Likewise, in one embodiment, public key 602 is represented as a bar code or label 
affixed to the chip package. For example, a monolithic silicon device used to encrypt/decrypt 
video data could be manufactured by a chip manufacturer and then provided to various vendors 
25 for use in their proprietary video systems. In this case, the bar code or label could be scanned by 
the vendors to determine public key 602, and public key 602 then be implemented in the video 
system as necessary. By affixing a label or barcode to provide a record of public key 602, a 
central key management system would not be needed to supply public key 602 to the clients of a 
chip manufacturer. 
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Referring now to FIG. 7, an exemplary implementation of the monolithic semiconductor 
device is illustrated according the present disclosure. System 700 includes a system for 
encrypting and decrypting motion pictures experts group (MPEG) data transmitted between 
MPEG source 710 and MPEG client interface 720. MPEG source 710 includes source interface 
5 711 and scrambler 712. MPEG client interface 720 represents an implementation of the 
monolithic semiconductor device disclosed herein. MPEG client interface 720 includes key 
register 130, unique ID register 725, encryption engine 120, descrambler 750, and output port 
110. 

In this exemplary implementation, MPEG source 710 provides an encrypted control word 
to MPEG client interface 710, where the control word is used to descramble scrambled MPEG 
data provided by MPEG source 710. The session is initiated with transmission 730 where 
encryption engine 120 of MPEG client 720 provides a session request and a representation of its 
(the client's) public key, such as public key 602 (FIG. 6), to source interface 711 of MPEG 
source 710. Transmission 730 can also include a representation of the unique ID stored in UID 
register 135 used to identify the MPEG client to verify the source of transmission 730. Source 
interface 711 can then verify the identification of MPEG client interface 720 using the unique ID 
and/or the client public key and respond to a positive verification by providing encryption engine 
120 with the public encryption key associated with MPEG source 710, if needed. The source 
public encryption key can be used by MPEG client interface 720 to encrypt data transmitted 
from MPEG client interface 720 to MPEG source 710. 

In transmission 740, MPEG source 710 provides an encrypted control word to encryption 
engine 120 of MPEG client interface 720, where the control word is encrypted using an 
asymmetrical encryption method, such as the RSA encryption method. The encrypted control 
word can then be decrypted by encryption engine 120 by using the client private key. The 
25 decrypted control word is then provided to descrambler 750. In this implementation, the control 
word includes a symmetrical key used in a symmetrical encryption/decryption scheme, such as 
data encryption standard (DES), triple DES (3DES), advanced encryption standard (AES), digital 
video broadcasting-common scrambling (DVB-CS), common scrambling system (CSS), and the 
like. 
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In transmission 745, MPEG content 712 is encrypted by scrambler 712 using the control 
word and a symmetrical encryption method, such as DES, and provided to descrambler 750. 
MPEG content 713 includes encoded video and/or audio content. For example, MPEG source 
710 can include a digital versatile disc (DVD) player, and MPEG content 712 can include MPEG 
5 data from a DVD. Descrambler 750 decrypts the encrypted MPEG content 713 using its copy of 
the control word used by scrambler 712 to encrypt MPEG content 713. The decrypted MPEG 
content 713 can then be provided to a MPEG decoder (not shown) via external port 110. After 
the session is completed, the control word is discarded by both MPEG source 710 and MPEG 
client interface 720 and a different control word is used for a subsequent session. 

10 In many instances, using symmetrical encryption methods for encryption/decryption is 

□ measurably faster and less resource-intense than using asymmetrical methods. However, when 
symmetrical encryption methods are somewhat less secure since more than one entity has the 
■%Q single key that both encrypts and decrypts data. Accordingly, by using an asymmetrical 
I A encryption/decryption method to encrypt and decrypt a second symmetrical key (i.e. the control 
95 word), the speed of symmetrical encryption/decryption can be utilized in addition to the relative 
£ security of asymmetrical encryption/decryption methods. Since the private key stored in key 
register 130 is practically impossible to access externally, an unauthorized entity is unlikely to 
!U obtain the private key and decrypt the encrypted control word using the private encryption key. 
p Without the private encryption key, an unauthorized entity generally must turn to brute-force 
r 7Q methods of decrypting the encrypted control word. If the encryption method used is secure 
enough, such as using a 128-bit or higher key with RSA encryption, it is highly unlikely that the 
brute-force method of decrypting the encrypted control word would be successful. Likewise, 
without the decrypted control word, an unauthorized entity would have little chance of success in 
decrypting the encrypted MPEG content 713 if it is encrypted with a strong symmetrical 
25 encryption method, such as 3DES. 

The preceding detailed description of the figures, reference has been made to the 
accompanying drawings which form a part thereof, and to which show by way of illustration 
specific embodiments in which the invention may be practiced. It will be appreciated that many 
other varied embodiments that incorporate the teachings herein may be easily constructed by 
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those skilled in the art. Accordingly, the present disclosure is not intended to be limited to the 
specific form set forth herein, but on the contrary, it is intended to cover such alternatives, 
modifications, and equivalents, as can be reasonably included within the spirit and scope of the 
invention. The preceding detailed description is, therefore, not to be taken in a limiting sense, 
and the scope of the present disclosure is defined only by the appended claims. 
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